Industrial Network Security | Moxa

讓每個端點化為牢不可破的防護盾

未來無憂的工業網路安全保障

在今日的互聯工業環境中，強化設備防護是抵禦不斷演變的資安威脅關鍵。Moxa 藉由長期累積的經驗與專業認證解決方案，確保您的營運持續穩健、安全且不中斷。

內建安全設計
Moxa 設備具備保護關鍵邊緣元件的防護功能。
經驗驗證的資安實力
Moxa 是全球最早同時取得 IEC 62443-4-1 與 62443-4-2 認證的廠商之一。
值得信賴的解決方案
我們的安全產品專為降低風險、提升運作時間，並在最嚴苛的環境中維護網路完整性而設計。

探索 Moxa 的安全網路解決方案，從容應對瞬息萬變的威脅環境

網管與智慧型交換器
安全路由器
LAN 防火牆
安全邊緣連接

Secure Switches
Ports
Security Features
Redundancy Protocols
Software Management
Industrial Certifications

MDS-G4000	RKS-G4028	EDS-G4000	EDS-500E	SDS-3000
Up to 4 10GbE + 24 GbE	Up to 28 GbE	Up to 6 2.5GbE + 8 GbE	Up to 4 GbE + 24 FE	Up to 16 GbE
HTTPS, SSL/SSH, ACL, IEEE 802.1X, Port Security, DHCP Snooping, Secure Boot^*1	HTTPS, SSL/SSH, ACL, IEEE 802.1X, Port Security, DHCP Snooping, Secure Boot		HTTPS, SSL/SSH, ACL^*2, IEEE 802.1X	HTTPS, SSL, Port Lock
Turbo Ring, Turbo Chain, RSTP/STP, MRP, VRRP (L3 Model)		Turbo Ring, Turbo Chain, RSTP/STP, MRP		RSTP/STP, MRP
MXview One
IEC 61850-3, IEEE 1613, EN 50121-4, NEMA TS2, ATEX^3, CID2^3	IEC 62443-4-2 SL2, IEC 61850-3, IEEE 1613, EN 50121-4, NEMA TS2	IEC 62443-4-2 SL2, IEC 61850-3, IEEE 1613 (Class 1), DNV^4, ABS^4, NK^4, LR^4, EN 50121-4, NEMA TS2, ATEX^5, CID2^5, IECEx^*5	IEC 61850-3, IEEE 1613, DNV^6, ABS^6, NK^6, LR^6, EN 50121-4^6, NEMA TS2^6, ATEX^6, CID2^6	-

^*1. Only available for -4XGS models.
^*2. Only available for 18 and 28 port models.
^*3. Only available for the non-4XGS models.
^*4. Only available for -LV and PoE models.
^*5. Only available for -LV models.
^*6. Only available for 10 and 18 port models.

Secure Routers
Ports
NAT
Firewalls
IPS/IDS
DPI
VPN
Routing Throughput (based on RFC 2544)
Redundancy Protocols
Software Management
Industrial Certifications

EDR-G9010	EDR-G9004	EDR-8010	NAT-102	NAT-108
2 2.5GbE + 8 GbE^*1	Up to 2 2.5GbE + 2 GbE (1/2 DMZ/WAN ports)	2 GbE + 8 FE^*1	2 FE	8 FE
1-to-1, N-to-1, NAT loopback, Port forwarding, IP Twins Mapping^*4
DDoS, Ethernet protocols, ICMP, IP address, MAC address, Ports			IP address, MAC address (Device Lockdown), Ports
Requires an additional license			-	-
DNP3, EtherNet/IP, IEC 60870-5-104, IEC 61850 MMS, Modbus TCP, Modbus UDP, Omron FINS, Siemens S7 Comm., Siemens S7 Comm. Plus, OPC UA, MELSEC communication protocol			-	-
Up to 250 IPsec VPN tunnels		Up to 50 IPsec VPN tunnels	-	-
Max. 350K packets per second / 2 Gbps		Max. 50K packets per second / 500 Mbps	Max. 15K packets per second /100 Mbps
VRRP, Turbo Ring, Turbo Chain, RSTP/STP	VRRP	VRRP, Turbo Ring, Turbo Chain, RSTP/STP	-	-
MXview One, MXview Security^*3, MXsecurity	MXview One, MXview Security^*3, MXsecurity	MXview One, MXview Security^*3, MXsecurity	MXview One	MXview One
IEC 62443-4-2 SL2, IEEE 1613, IEC 61850-3 Ed. 2.0, ATEX^2, CID2^2, EN 50121-4^2, NEMA TS2^2, DNV^2, DNV IEC 61162-460 Edition 3.0^2, DNV security profile 2^2, IACS UR E27 Rev.1^2, IEC 60945^*2	IEEE 1613, IEC 61850-3 Ed. 2.0, ATEX, CID2, IECEx, EN 50121-4, NEMA TS2, DNV	IEEE 1613, IEC 61850-3 Ed. 2.0, ATEX, CID2, IECEx, EN 50121-4, NEMA TS2, DNV, DNV IEC 61162-460 Edition 3.0, DNV security profile 2, IACS UR E27 Rev.1, IEC 60945	EN 50121-4, NEMA TS2, ATEX, CID2	-

^*1. Supports user-configurable DMZ/WAN ports.
^*2. Only available for -LV models.
^*3. An active MXview One license is required in order to activate the MXview Security add-on license.
^*4. NAT-108 Series only.

LAN Firewalls
Ports
Firewalls
IPS/IDS
DPI
Software Management
Industrial Certifications

EDF-G1002-BP
2 GbE (Gen3 LAN Bypass)
DDoS, Ethernet protocols, ICMP, IP address, MAC address, Ports
Enabled by default. IPS pattern update functionality requires an additional license.
DNP3, EtherNet/IP, IEC 60870-5-104, IEC 61850 MMS, Modbus TCP, Modbus UDP, Omron FINS, Siemens S7 Comm., Siemens S7 Comm. Plus, OPC UA, MELSEC communication protocol
MXview One, MXview Security^*1, MXsecurity
NEMA TS2, EN 50121-4, CID2, ATEX, IECEx, DNV

^*1. An active MXview One license is required in order to activate the MXview Security add-on license.

Key Features	NPort 5000/5000A Series	NPort 6100-G2/6200-G2 Series Secure Terminal Servers	MGate Series	ioThinx 4500 Series
Embedded Security Functions for Secure Deployment
User Authentication & Authorization	Password protection (length, character enforcement)	Password protection (length, character enforcement) Authentication servers (RACIUS/TACACS+) Customized privilege for different user groups	Password protection (length, character enforcement)	Password protection (length, character enforcement)
Device Integrity	Check CRC code before update the device
Device Least Functionality	Security Hardening Guide Unused services can be disabled Telnet console default disabled	Security Hardening Guide Unused services can be disabled Telnet console default disabled	Security Hardening Guide Unused services can be disabled Telnet console default disabled	Security Hardening Guide Unused services can be disabled
Communication Integrity	HTTPS (TLS 1.2 embedded with self-signed certificate) SNMPv3	HHTTPS (TLS 1.2 embedded with self-signed certificate, also supports public certificate import) SSH/SNMPv3 ECC 256 (RSA-4096)	HTTPS (TLS 1.2 embedded with self-signed certificate), also support public certificate import SNMPv3	HTTPS (TLS 1.2 embedded with self-signed certificate, and can be exported) SNMPv3
Network Access Control	Accessible IP List Access Control List (ACL)
Securing Your Devices in Daily Maintenance
Configuration Management	GUI type of MXconfig CLI type of MCC tools
Device Management	Syslog Manageable via MXview Network Management Software
Vulnerability Management	Dedicated Cybersecurity Response Team for handling vulnerability Perform Nessus Scan

簡化安全網路架構的部署與維護

MXview One 的 Security Check 功能可自動掃描裝置設定、偵測安全漏洞，並提供可執行的強化建議，協助您更輕鬆打造更具韌性與自我防護能力的工業網路。

系統層級網路強化：可視化備援連線狀態與在網路備援協定中的裝置角色，集中式儀表板可快速掌握整體網路狀況。
裝置層級強化：依據工業資安標準顯示網路裝置的安全狀態，有助於確保合規性並提升防護能力。